Ransomware has already managed to carve itself a slot as one of the main cyber security threats in recent years. Individuals, government agencies, and private organizations are each taking precautionary steps to protect against ransomware that can encrypt files beyond one’s reach. What we’re ignoring though is the next wave of ransomware attacks which will […]

Read More →

Microsoft June 2017 Patch Tuesday addressing 97 security vulnerabilities including fixing two critical vulnerabilities Windows Search Remote Code Execution (CVE-2017-8543) and LNK Remote Code Execution (CVE-2017-8464), are being actively exploited in the wild. The most dangerous vulnerability exists in Windows Search Service (WSS), a feature in Windows that allows users to search across multiple Windows […]

Read More →

Adobe has released three security updates for Adobe Flash Player (APSB17-17), Adobe Shockwave Player (APSB17-18), Adobe Captivate (APSB17-19) and Adobe Digital Editions (APSB17-20) which covers a total of 20 CVEs.  Adobe Flash Player address critical vulnerabilities that could potentially allow an attacker to take control of the affected system, Digital Editions resolves few critical and important vulnerabilities that […]

Read More →

There may be a possible ‘second wave’ of massive global cyber attack, as SMB (Server Message Block) was not the only network protocol whose zero-day exploits created by NSA were exposed in the Shadow Brokers release. The WannaCry emergency cannot be ended because the NSA Tools leaked by the Shadow Brokers team included many other dangerous […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:1600702 ALAS-2017-834 CVE-2016-2125 CVE-2016-2126 CVE-2017-2619 CVE-2017-7494 ALAS-2017-834 —- samba oval:org.secpod.oval:def:1600703 ALAS-2017-832 CVE-2016-10229 ALAS-2017-832 —- kernel perf oval:org.secpod.oval:def:1600704 ALAS-2017-833 CVE-2017-3139 ALAS-2017-833 —- bind oval:org.secpod.oval:def:204510 CESA-2017:1365 CVE-2017-7502 CESA-2017:1365 — centos […]

Read More →

In the first week of April 2017, an unknown hacking group called Shadow Brokers leaked an exploitation framework referred as the FuzzBunch, from the Equation Group (one of the most sophisticated attack groups in the world and widely suspected of being tied to the United States National Security Agency (NSA)). This framework consisted of several unauthenticated […]

Read More →